Vulnerability Name: CVE-2018-14622 (CCN-149185)

Assigned: 2016-03-03
Published: 2016-03-03
Updated: 2023-02-03
Summary: A null-pointer dereference vulnerability was found in libtirpc before version 0.3.3-rc3. The return value of makefd_xprt() was not checked in all instances, which could lead to a crash when the server exhausted the maximum number of available file descriptors. A remote attacker could cause an rpc-based application to crash by flooding it with new connections.
CVSS v3 Severity:
7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)
Exploitability Metrics:
  Attack Vector (AV): Network
  Attack Complexity (AC): Low
  Privileges Required (PR): None
  User Interaction (UI): None
Scope:
  Scope (S): Unchanged
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): High
5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:
  Attack Vector (AV): Network
  Attack Complexity (AC): Low
  Privileges Required (PR): None
  User Interaction (UI): None
Scope:
  Scope (S): Unchanged
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Low
5.3 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
4.6 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)
Exploitability Metrics:
  Attack Vector (AV): Network
  Attack Complexity (AC): Low
  Privileges Required (PR): None
  User Interaction (UI): None
Scope:
  Scope (S): Unchanged
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Low
CVSS v2 Severity:
5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:
  Access Vector (AV): Network
  Access Complexity (AC): Low
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)
Exploitability Metrics:
  Access Vector (AV): Network
  Access Complexity (AC): Low
  Authentication (Au): None
Impact Metrics:
  Confidentiality (C): None
  Integrity (I): None
  Availability (A): Partial
Vulnerability Type: CWE-252
Vulnerability Consequences: Denial of Service
References:
Source: MITRE
Type: CNA
CVE-2018-14622

Source: secalert@redhat.com
Type: Patch, Third Party Advisory
secalert@redhat.com

Source: CCN
Type: IBM Security Bulletin 874448 (Dynamic System Analysis (DSA) Preboot)
IBM Dynamic System Analysis (DSA) Preboot is affected by vulnerabilities in libtirpc (CVE-2018-14622 CVE-2018-14621)

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Issue Tracking, Third Party Advisory
secalert@redhat.com

Source: CCN
Type: Red Hat Bugzilla – Bug 1620293
(CVE-2018-14622) CVE-2018-14622 libtirpc: Segmentation fault in makefd_xprt return value in svc_vc.c

Source: secalert@redhat.com
Type: Issue Tracking, Third Party Advisory
secalert@redhat.com

Source: XF
Type: UNKNOWN
libtirpc-cve201814622-dos(149185)

Source: secalert@redhat.com
Type: Mailing List, Third Party Advisory
secalert@redhat.com

Source: CCN
Type: SourceForge Web site
libtirpc download | SourceForge.net

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: secalert@redhat.com
Type: Third Party Advisory
secalert@redhat.com

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2018-14622

Vulnerable Configuration:
Configuration RedHat 1:
  • cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*
Configuration RedHat 2:
  • cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*
Configuration RedHat 3:
  • cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*
Configuration RedHat 4:
  • cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*
Configuration RedHat 5:
  • cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

* Denotes that component is vulnerable
Oval Definitions:
Definition ID | Class | Title | Last Modified
oval:org.opensuse.security:def:201814622 | V | CVE-2018-14622 | 2022-05-22
oval:org.opensuse.security:def:34050 | P | Security update for java-1_8_0-ibm (Important) (in QA) | 2022-01-04
oval:org.opensuse.security:def:33760 | P | Security update for mariadb (Moderate) | 2021-12-30
oval:org.opensuse.security:def:31327 | P | Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important) | 2021-12-14
oval:org.opensuse.security:def:34011 | P | Security update for MozillaFirefox (Important) | 2021-12-12
oval:org.opensuse.security:def:33749 | P | Security update for webkit2gtk3 (Important) | 2021-12-01
oval:org.opensuse.security:def:33748 | P | Security update for clamav (Moderate) | 2021-12-01
oval:org.opensuse.security:def:34593 | P | Security update for postgresql, postgresql13, postgresql14 (Important) | 2021-11-20
oval:org.opensuse.security:def:35271 | P | Security update for python-urllib3 (Moderate) | 2021-09-29
oval:org.opensuse.security:def:34549 | P | Security update for gd (Moderate) | 2021-09-23
oval:org.opensuse.security:def:31278 | P | Security update for xen (Important) | 2021-09-23
oval:org.opensuse.security:def:33005 | P | Security update for gtk-vnc (Moderate) | 2021-09-16
oval:org.opensuse.security:def:34524 | P | Security update for openexr (Important) | 2021-09-02
oval:org.opensuse.security:def:35262 | P | Security update for libcares2 (Important) | 2021-08-16
oval:org.opensuse.security:def:34485 | P | Security update for MozillaFirefox (Important) | 2021-07-16
oval:org.opensuse.security:def:30099 | P | Security update for libgcrypt (Important) | 2021-06-24
oval:org.opensuse.security:def:36159 | P | kdebase4-runtime-4.3.5-0.3.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:36118 | P | emacs-22.3-4.42.1 on GA media (Moderate) | 2021-06-08
oval:org.opensuse.security:def:32107 | P | Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP3) (Important) | 2021-06-04
oval:org.opensuse.security:def:31182 | P | Security update for libwebp (Critical) | 2021-06-02
oval:org.opensuse.security:def:32918 | P | Security update for djvulibre (Important) | 2021-05-19
oval:org.opensuse.security:def:30185 | P | Security update for MozillaFirefox (Important) | 2021-04-27
oval:org.opensuse.security:def:32069 | P | Security update for xorg-x11-server (Important) | 2021-04-14
oval:org.opensuse.security:def:31366 | P | Security update for wavpack (Important) | 2021-03-24
oval:org.opensuse.security:def:30042 | P | Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP2) (Important) | 2021-03-17
oval:org.opensuse.security:def:34637 | P | Security update for postgresql-jdbc (Moderate) | 2021-02-25
oval:org.opensuse.security:def:34626 | P | Security update for wpa_supplicant (Important) | 2021-02-15
oval:org.opensuse.security:def:34625 | P | Security update for perl-File-Path (Moderate) | 2021-02-12
oval:org.opensuse.security:def:31222 | P | Security update for MozillaFirefox (Important) | 2021-01-29
oval:org.opensuse.security:def:34436 | P | Security update for dnsmasq (Important) | 2021-01-19
oval:org.opensuse.security:def:31219 | P | Security update for openssh (Moderate) | 2021-01-05
oval:org.opensuse.security:def:33979 | P | Security update for java-1_8_0-ibm (Moderate) | 2021-01-05
oval:org.opensuse.security:def:29962 | P | Security update for MozillaFirefox (Critical) | 2020-12-21
oval:org.opensuse.security:def:35231 | P | Security update for the Linux Kernel (Important) | 2020-12-09
oval:org.opensuse.security:def:29955 | P | Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP2) (Important) | 2020-12-07
oval:org.opensuse.security:def:26794 | P | openvpn on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29263 | P | Security update for wpa_supplicant (Important) | 2020-12-01
oval:org.opensuse.security:def:26783 | P | mipv6d on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32861 | P | foomatic-filters on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29224 | P | Security update for php53 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26782 | P | man on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32767 | P | pcsc-lite on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29175 | P | Security update for microcode_ctl (Important) | 2020-12-01
oval:org.opensuse.security:def:32632 | P | apache2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29121 | P | Security update for java-1_7_0-ibm (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32554 | P | libltdl7 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28969 | P | Security update for orca (Moderate) | 2020-12-01
oval:org.opensuse.security:def:32543 | P | lcms on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28885 | P | Security update for bind (Important) | 2020-12-01
oval:org.opensuse.security:def:32542 | P | kvm on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28828 | P | Security update for rxvt-unicode | 2020-12-01
oval:org.opensuse.security:def:28743 | P | Security update for libgcrypt | 2020-12-01
oval:org.opensuse.security:def:34378 | P | Security update for tiff (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30544 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:28612 | P | Security update for Xen | 2020-12-01
oval:org.opensuse.security:def:34221 | P | Security update for php5 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30500 | P | Security update for Mozilla Firefox | 2020-12-01
oval:org.opensuse.security:def:28544 | P | Security update for Mozilla Firefox | 2020-12-01
oval:org.opensuse.security:def:34132 | P | Security update for libtasn1 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30481 | P | Security update for bsdtar (Important) | 2020-12-01
oval:org.opensuse.security:def:28533 | P | Security update for bogofilter | 2020-12-01
oval:org.opensuse.security:def:34075 | P | Security update for libxml2 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30442 | P | Security update for zsh (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28532 | P | Security update for bind | 2020-12-01
oval:org.opensuse.security:def:30393 | P | Security update for Xen | 2020-12-01
oval:org.opensuse.security:def:35480 | P | Security update for php53 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33843 | P | Security update for gtk2 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30338 | P | Security update for transfig (Low) | 2020-12-01
oval:org.opensuse.security:def:35436 | P | Security update for openvpn (Important) | 2020-12-01
oval:org.opensuse.security:def:35409 | P | Security update for openssl (Important) | 2020-12-01
oval:org.opensuse.security:def:35370 | P | Security update for net-snmp (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35321 | P | Security update for microcode_ctl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31431 | P | Security update for php53 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29823 | P | Security update for java-1_6_0-ibm (Important) | 2020-12-01
oval:org.opensuse.security:def:35103 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:31387 | P | Security update for openvpn-openssl1 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29750 | P | Security update for gd (Moderate) | 2020-12-01
oval:org.opensuse.security:def:35013 | P | Security update for gpg2 (Important) | 2020-12-01
oval:org.opensuse.security:def:29739 | P | Security update for freetype2 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34956 | P | Security update for foomatic-filters (Moderate) | 2020-12-01
oval:org.opensuse.security:def:28231 | P | Security update for libtirpc (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29738 | P | Security update for freetype2 (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34857 | P | Security update for clamav (Important) | 2020-12-01
oval:org.opensuse.security:def:28196 | P | Security update for libevent (Moderate) | 2020-12-01
oval:org.opensuse.security:def:34721 | P | Security update for ImageMagick (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27558 | P | rubygem-bundler on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:31067 | P | Security update for the Linux Kernel (Important) | 2020-12-01
oval:org.opensuse.security:def:27514 | P | memcached on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30980 | P | Security update for icu | 2020-12-01
oval:org.opensuse.security:def:27500 | P | libwebkit-1_0-2 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30923 | P | Security update for gd (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27461 | P | libmspack-devel on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30833 | P | Security update for curl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:27412 | P | glibc-html on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33373 | P | Security update for compat-openssl097g | 2020-12-01
oval:org.opensuse.security:def:30701 | P | Security update for MozillaFirefox (Important) | 2020-12-01
oval:org.opensuse.security:def:27359 | P | Mesa-devel-32bit on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33329 | P | Security update for curl (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30627 | P | Security update for Xen | 2020-12-01
oval:org.opensuse.security:def:27208 | P | libpoppler-glib4 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33306 | P | yast2-core on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30616 | P | Security update for tomcat6 | 2020-12-01
oval:org.opensuse.security:def:27124 | P | findutils on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33267 | P | system-config-printer on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29998 | P | Security update for libtirpc (Moderate) | 2020-12-01
oval:org.opensuse.security:def:30615 | P | Security update for systemtap | 2020-12-01
oval:org.opensuse.security:def:27067 | P | LibVNCServer on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33218 | P | openssh on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:26986 | P | logwatch on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:33161 | P | libmspack0 on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29324 | P | Security update for compat-openssl097g (Important) | 2020-12-01
oval:org.opensuse.security:def:26858 | P | aaa_base on GA media (Moderate) | 2020-12-01
oval:org.opensuse.security:def:29280 | P | Security update for xorg-x11-libX11 (Moderate) | 2020-12-01
oval:com.ubuntu.bionic:def:201814622000 | V | CVE-2018-14622 on Ubuntu 18.04 LTS (bionic) - medium. | 2018-08-30
oval:com.ubuntu.bionic:def:2018146220000000 | V | CVE-2018-14622 on Ubuntu 18.04 LTS (bionic) - medium. | 2018-08-30
oval:com.ubuntu.trusty:def:201814622000 | V | CVE-2018-14622 on Ubuntu 14.04 LTS (trusty) - medium. | 2018-08-30
oval:com.ubuntu.xenial:def:2018146220000000 | V | CVE-2018-14622 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-08-30
oval:com.ubuntu.xenial:def:201814622000 | V | CVE-2018-14622 on Ubuntu 16.04 LTS (xenial) - medium. | 2018-08-30
oval:com.redhat.rhba:def:20171991 | P | RHBA-2017:1991: libtirpc bug fix update (Low) | 2017-08-01